[Secure-testing-commits] r16242 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Feb 23 21:26:39 UTC 2011 

Author: jmm
Date: 2011-02-23 21:26:32 +0000 (Wed, 23 Feb 2011)
New Revision: 16242

Modified:
   data/CVE/list
   data/ospu-candidates.txt
   data/spu-candidates.txt
Log:
python issue no-dsa





Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-23 21:15:41 UTC (rev 16241)
+++ data/CVE/list	2011-02-23 21:26:32 UTC (rev 16242)
@@ -196,11 +196,15 @@
 CVE-2008-7274 (IBM WebSphere Application Server (WAS) 6.1.0.9, when the JAAS Login ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2008-XXXX [path traversal in CGIHTTPServer]
-	- python2.5 <unfixed>
-	- python2.4 <removed>
-	NOTE: looks like it is fixed since 2.6 and 3.0
+	- python2.6 <unfixed> (low; bug #614860)
+	[squeeze] - python2.6 <no-dsa> (Minor issue)
+	- python2.5 <unfixed> (low)
+	[squeeze] - python2.5 <no-dsa> (Minor issue)
+	[lenny] - python2.5 <no-dsa> (Minor issue)
+	- python2.4 <removed> (low)
+	[lenny] - python2.4 <no-dsa> (Minor issue)
+	NOTE: Python 3.1 is fixed
 	NOTE: http://bugs.python.org/issue2254
-	TODO: check, request id
 CVE-2010-XXXX [kfreebsd dos]
 	- kfreebsd-8 <unfixed> (low; bug #613312; bug #611476)
 	[squeeze] - kfreebsd-8 <no-dsa> (Can be fixed through a point update)

Modified: data/ospu-candidates.txt
===================================================================
--- data/ospu-candidates.txt	2011-02-23 21:15:41 UTC (rev 16241)
+++ data/ospu-candidates.txt	2011-02-23 21:26:32 UTC (rev 16242)
@@ -483,6 +483,16 @@
 
 --
 
+python2.4 [path traversal in CGIHTTPServer]
+http://bugs.python.org/issue2254
+
+--
+
+python2.5 [path traversal in CGIHTTPServer]
+http://bugs.python.org/issue2254
+
+
+
 python-numpy (CVE-2010-XXXX [numpy memory corruption])
 #581058
 http://projects.scipy.org/numpy/changeset/8364

Modified: data/spu-candidates.txt
===================================================================
--- data/spu-candidates.txt	2011-02-23 21:15:41 UTC (rev 16241)
+++ data/spu-candidates.txt	2011-02-23 21:26:32 UTC (rev 16242)
@@ -62,6 +62,16 @@
 
 --
 
+python2.6 [path traversal in CGIHTTPServer]
+http://bugs.python.org/issue2254
+
+--
+
+python2.5 [path traversal in CGIHTTPServer]
+http://bugs.python.org/issue2254
+
+--
+
 stunnel (CVE-2011-XXXX)
 http://www.stunnel.org/?page=sdf_ChangeLog (v4.35)

More information about the Secure-testing-commits mailing list